[Git][security-tracker-team/security-tracker][master] Remove unclear n/a
Moritz Muehlenhoff
jmm at debian.org
Wed Sep 5 21:44:08 BST 2018
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
6cbbc327 by Moritz Muehlenhoff at 2018-09-05T20:42:15Z
Remove unclear n/a
If something is marked as not-affected, it needs to have a clear explanation
why it's deemed not affected, either in the brackets or via a NOTE:
If that comment is meant to describe that the issue itself is a non-issue,
then the entire entry should be rejected at MITRE, as it's definitely
not a non-issue for jessie only...
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -6634,7 +6634,6 @@ CVE-2018-13819 (A hardcoded secret key, in CA Unified Infrastructure Management
CVE-2018-13818 (Twig before 2.4.4 allows Server-Side Template Injection (SSTI) via the ...)
- twig 2.4.4-2
[stretch] - twig <no-dsa> (Minor issue)
- [jessie] - twig <not-affected> (not tied to the right source)
NOTE: Fixed upstream in 2.4.4
CVE-2018-13817
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6cbbc3270c85b09cd4ee05006b3d5f1db833575a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/6cbbc3270c85b09cd4ee05006b3d5f1db833575a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20180905/b3f9a45e/attachment.html>
More information about the debian-security-tracker-commits
mailing list